Salam Houchou, Developer in Zürich, Switzerland
Salam is available for hire
Hire Salam

Salam Houchou

Verified Expert  in Engineering

Security Architect and Developer

Location
Zürich, Switzerland
Toptal Member Since
March 15, 2022

Salam is an IT security architect and consultant in information, cyber, and cloud security. With 20 years of experience, a master's degree in cyber security, and Microsoft Azure, GCP, and AWS security certifications, he excels in designing and implementing initiatives to manage security risks and compliance while maximizing safety and security expectations. Salam is keen on re-organizing, streamlining, and strengthening existing operations by implementing cutting-edge, cost-effective solutions.

Portfolio

Colleva, Inc.
IT Security, SecOps, Azure, Security, SOC 2, GDPR, IDS/IPS, SaaS Security
Lloyds Banking Group
AWS Cloud Security, AWS Cloud Architecture, Cloud Security, Azure, CyberArk...
Databricks - Security Team (UK)
Security, NIST, Amazon Web Services (AWS), ISO 27001, Okta, SecOps, IT Security...

Experience

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Google Cloud Platform (GCP), SIEM, Cloud Security, Application Security, Microsoft Azure, Security Architecture, Information Security, Compliance, SOC 2

The most amazing...

...project I've worked on is engineering, designing, and implementing information security controls to one of the biggest monitoring platforms in Switzerland.

Work Experience

Security Architect

2024 - PRESENT
Colleva, Inc.
  • Crafted and implemented a suite of robust security policies tailored to the company's specific needs and industry requirements. These policies covered areas such as data protection, access control, incident response, and risk management.
  • Guided the company through the SOC 2 compliance process from start to finish, ensuring adherence to industry-leading security standards and best practices.
  • Provided expert mentorship and support to internal teams, facilitating their understanding of SOC 2 requirements and helping them implement necessary controls and procedures.
  • Leveraged Azure's built-in security features such as Azure Security Center, Azure Policy, Azure Firewall, and Azure Identity and Access Management (IAM) to enhance visibility, protect against threats, and enforce compliance requirements.
  • Configured Azure Security Center to provide continuous monitoring and threat detection capabilities, allowing for real-time detection of suspicious activities, unauthorized access attempts, and potential security breaches.
  • Implemented a proactive approach to security through continuous improvement and optimization of Azure security controls.
Technologies: IT Security, SecOps, Azure, Security, SOC 2, GDPR, IDS/IPS, SaaS Security

Cybersecurity Architect

2022 - 2024
Lloyds Banking Group
  • Deployed identity and access management on the client's AWS cloud environment following the least privilege and zero-trust principle.
  • Automated the cloud infrastructure provision with Terraform in AWS and the Google Cloud Platform and developed plans to migrate hosted on-premises services to Amazon AWS.
  • Ensured the wider cybersecurity architecture, team-designed solutions that balanced the security risk, protected customers with user experience and business innovation, and articulated risk mitigation requirements to the business.
  • Architected security controls for SaaS integrations against the security framework. Validated and guided the implementation of the best security practices across the business.
Technologies: AWS Cloud Security, AWS Cloud Architecture, Azure, Cloud Security, CyberArk, SaaS, IT Security, Compliance, Consulting, ISO 27001, Security Architecture, Cybersecurity, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), SQL, Financial Services, Data Privacy, Telecommunications, Identity & Access Management (IAM), Threat Modeling, ISO 27002, Insurance, Network Security, Remote Access Security, NIST, Documentation, Microsoft Azure, Information Security, Cloud Architecture, Networks, Cisco, Risk Management, Database Security, Endpoint Security, Security, Web Security, Web App Security, Google Cloud, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, System Administration, DevSecOps, DevOps, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Zero Trust, SAML-auth, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, Security Audits, CISO, Microsoft 365, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, GitHub, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, GDPR, OpenID, OAuth, Terraform, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), Azure Cloud Services, Audits, Networking, IDS/IPS, Endpoint Detection and Response (EDR), GCP Security, SaaS Security

Enterprise Security Engineer

2022 - 2023
Databricks - Security Team (UK)
  • Strengthened, validated, and guided the implementation of security best practices across the business, focusing expertise on using processes, systems, and how to use them to promote safe practices.
  • Defined and developed the organization's approach to corporate assets and worked to ensure their security and availability.
  • Documented security standards that IT teams can implement and use their SaaS apps for hardening.
  • Architected security controls for SaaS integrations against security frameworks.
  • Provided security controls for diverse applications and infrastructure in multi-cloud environments, including AWS, Azure, and GCP.
Technologies: Security, NIST, Amazon Web Services (AWS), ISO 27001, Okta, SecOps, IT Security, FedRAMP, IP Networks, Security Engineering, Vulnerability Management, Threat Modeling, Documentation, Microsoft Azure, Information Security, Cloud Architecture, Networks, Database Security, Cybersecurity, Web Security, Web App Security, Google Cloud, Single Sign-on (SSO), SOC 2, System Administration, DevSecOps, DevOps, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Zero Trust, SAML, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Microsoft 365, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, GitHub, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, OpenID, OAuth, Terraform, Data Loss Prevention (DLP), Azure Cloud Services, GCP Security, SaaS Security

Security Architect

2011 - 2021
Swisscom
  • Designed and developed security architectures for cloud and hybrid cloud-based systems with a solid understanding of AWS and Microsoft Azure platforms.
  • Established strong relationships with the application development teams, facilitating cloud environment sizing and formulating disaster recovery capabilities to meet the application needs.
  • Deployed cloud infrastructure with Terraform in AWS and Google Cloud Platform. Developed plans to migrate hosted on-premises services to Amazon AWS, ensuring data security and privacy and providing continuous monitoring and logging.
Technologies: Cloud Security, Security Architecture, IT Security, Compliance, Consulting, ISO 27001, Cybersecurity, Firewalls, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), AWS Cloud Architecture, Financial Services, Data Privacy, Telecommunications, Identity & Access Management (IAM), ISO 27002, Network Security, Remote Access Security, NIST, Documentation, Microsoft Azure, Information Security, Cloud Architecture, Networks, Cisco, Palo Alto Networks, Risk Management, Database Security, Endpoint Security, Security, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, DevSecOps, DevOps, Monitoring, Intrusion Detection Systems (IDS), Zero Trust, SAML-auth, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, Security Audits, CISO, Computer Security, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, GitHub, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, GDPR, OAuth, Terraform, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), Azure Cloud Services, Audits, Networking, IDS/IPS, Endpoint Detection and Response (EDR), GCP Security, SaaS Security

Security Consultant

2010 - 2010
CRYPTO AG
  • Designed and deployed hardened network and security architectures for global military, defense, and government customers. Presented information on infrastructure plans, progress, and resolution of information security gaps to higher management.
  • Executed complex projects and delivered essential security and business requirements by leveraging existing processes, assessing, managing, and reporting risks and issues, and providing mitigation options to key stakeholders.
  • Reinforced information security across all government departments. Contributed to establishing the security operations center, which supported the achievement of business goals.
Technologies: Architecture, Cryptography, IT Security, Compliance, Consulting, ISO 27001, Security Architecture, Cybersecurity, Firewalls, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), Network Security, Remote Access Security, NIST, Documentation, Information Security, Networks, Cisco, Database Security, Endpoint Security, Security, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, DevOps, Monitoring, Intrusion Detection Systems (IDS), Group Policy, IT Governance, Data Governance, Governance, GRC, Computer Security, Scaling, Security Management, Risk Assessment, Information Assurance, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, GDPR, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), Audits, Networking, IDS/IPS, Endpoint Detection and Response (EDR)

Architect

2009 - 2010
Roche
  • Identified design and security gaps in existing and proposed architectures and recommended changes or enhancements. Acted as the technical security design authority for the IT program.
  • Built strong relationships with technology providers and businesses and identified security technologies that would add value to the company.
  • Devised a global remote-access and security project distributed to 20,000 users and deployed the business application.
Technologies: Architecture, Security, IT Security, Compliance, Consulting, ISO 27001, Security Architecture, IP Networks, Security Engineering, Vulnerability Management, Intrusion Prevention Systems (IPS), SIEM, Cloud, Enterprise Risk Management (ERM), Pharmaceuticals, ISO 27002, Network Security, Remote Access Security, NIST, Documentation, Information Security, Networks, Cisco, Single Sign-on (SSO), Data Governance, Computer Security, Risk Assessment, Critical Security Controls (CIS Controls), ConfigServer Security & Firewall (CSF), CrowdStrike, Threat Intelligence, GDPR, Managed Security Service Providers (MSSP), Networking

e-Government Security

I reinforced information security across all government departments and contributed to establishing the security operations center, supporting the business goals. My responsibilities involved:
• Designing and developing hardened network and security architectures
• Presenting infrastructure plans, progress data, and solutions for information security gaps
• Leveraging existing security processes
• Assessing, managing, and reporting risks and issues and providing mitigation options

Remote Access Solution

I developed and designed a global remote access and security project. My responsibilities involved:
• Deploying the business application and handling the distribution for 20 thousand users
• Identifying design and security gaps in the existing and proposed architectures
• Recommending changes and improvements

Security Management Project

I contributed to this project as a consultant in cloud security solutions working on a new cloud offering, infrastructure migration, and implementation of cloud security principles according to the National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO), and Cloud Security Alliance (CSA). My responsibilities involved delivering:
• A data loss prevention (DLP) solution
• Content filtering
• Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS)
• Endpoint protection
• Log management
• Analytics solutions

Languages

SAML, SQL

Libraries/APIs

OpenID

Tools

GitHub, ConfigServer Security & Firewall (CSF), Terraform, GCP Security

Paradigms

DevSecOps, DevOps

Platforms

Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP)

Industry Expertise

Cybersecurity, Telecommunications, Insurance, Network Security

Storage

Database Security, Google Cloud, Azure Cloud Services

Other

Firewalls, Intrusion Prevention Systems (IPS), SaaS, Architecture, Networking, SIEM, Cryptography, Cloud, Enterprise Risk Management (ERM), AWS Cloud Security, Cloud Security, Security Architecture, IP Networks, Security Engineering, Security, Remote Access Security, IT Security, Compliance, Consulting, ISO 27001, Okta, NIST, Documentation, SecOps, Endpoint Security, FedRAMP, Vulnerability Management, Application Security, Microsoft Azure, Information Security, ISO 27002, Financial Services, Data Privacy, Pharmaceuticals, Identity & Access Management (IAM), Threat Modeling, Cloud Architecture, Networks, Cisco, Palo Alto Networks, Risk Management, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, System Administration, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Audits, Zero Trust, SAML-auth, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, Critical Security Controls (CIS Controls), CrowdStrike, Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, GDPR, OAuth, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), IDS/IPS, Endpoint Detection and Response (EDR), SaaS Security, AWS Cloud Architecture, Security Audits, Microsoft 365, CyberArk, Forensics

2017 - 2019

Master of Science Degree in Cyber Security

University of Liverpool - Liverpool, United Kingdom

MAY 2023 - PRESENT

AWS Solutions Architect Professional

Amazon Web Services

SEPTEMBER 2021 - PRESENT

Microsoft Certified: Azure Security Engineer Associate

Microsoft

JULY 2021 - PRESENT

AWS Certified Security - Specialty

Amazon Web Services (AWS)

JULY 2020 - PRESENT

Aviatrix Certified Engineer Multi-Cloud Network Associate

Aviatrix

FEBRUARY 2020 - FEBRUARY 2023

AWS Certified Solutions Architect Associate

AWS

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring